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Re ma rks / Aro u m en ts : 

Claims 1-20 are pending in the above Identified application. Claims 1-20 were rejected 
under 35 U.S.C. § 102(e) as being anticipated by Baird EEI et at. By this response, Applicant's 
traverse the rejection of all claims and request reconsideration. 

Rejection under 35 U.S.C. §102(e) 

In the Action at page 2, item 2, claims 1-20 are rejected under 35 U.S.C. §102(e) as 
being anticipated by Baird, III et al. (U.S. Patent No. 6,732, 278) (herein after referred to as 
Baird) 

Reconsideration is respectfully requested. 

Claims 1-2, 6-10, 12-13 and 16-17 

Although the Baird reference predates the filing date of this U.S. application no. 
09/819,509. The filing date (i.e., February 12, 2001) of Baird is after the filing date (i.e., 
December 14, 2000) of the U.S. provisional application no. 60/255,640 from which U.S. 
application no. 09/819,509 claims priority. Moreover, the description of at least the subject 
matter of claims 1, 2 6-10, 12, 13, 16 and 17 is supported by the U.S. provisional application 
no. 60/255,640 (copy enclosed) to satisfy the requirements of 35 U.S.C. § 112, first paragraph. 
Thus, pursuant to MPEP §§ 706.02(b) and 2136.05, claim 1-2, 6-10, 12, 13, 16 and 17 are not 
subject to rejection under 35 U.S.C. § 102(e) in view of Baird, since Baird is not a valid prior art 
reference with regard to at least these claims. 

Independent Claim 1 

Support for the recitations in claim 1 can be found in the original U.S. provisional 
application 60/255/640. More particularly, the recitations in claim 1 of: 

(1) "obtaining biometric data from a user" is supported by at least the disclosure at page 
5, first full paragraph, for example which discloses that *the user has previously trained the 
server to recognize the biometric password this password is biometric data ... as identifying 
the user... For example, a user may provide N right thumb prints, or signatures .„;" 
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(2) "generating a one-time password for the user" is supported by at least the disclosure 
at page 3, third full paragraph, for example which discloses that n the remote server 102 sends 
the value n with a request for the user's computer 100 to calculate the value hash n " l (password) 
[i.e., the one-time password]. The user's computer 100 calculates this value and sends it back 
to the remote server 102;" and 

(3) "combining the biometric data and the one-time password to form the strong 
password" is supported by at least the disclosure at page 5, second full paragraph, for example, 
which discloses that *[t]he strong password may be generated, for example, by concatenating 
the biometric password with the OTP [one time password]" (brackets added). 

Thus, with regard to item 1, biometric data, such as thumb prints, is obtained by r for 
example, the server, with regard to item 2, the user's computer 100, for example, calculates 
and sends (i.e., generates) the value hash"" 1 (password) (i.e., the one-time password), and with 
regard to item 3, the strong password may be combined from the biometric data and the one- 
time password, for example, by concatenating the biometric password with the one time 
password. 

Independent Claim € 

Support for the recitations in claim 6 can be found in the original U.S. provisional 
application 60/255,640. More particularly, the recitation in claim 6 of: 

at least one first computer securely coupled to the remote computer 
system; at least one second computer coupled to said at least one 
first computer and configured to obtain identifying information from 
a user; whereby the second computer passes the identifying 
information to the first computer, the first computer passes the 
identifying information to the remote computer system and the 
remote computer system verifies the identifying information 

is supported by at least the disclosure at page 4, first full paragraph and Figure 2, 
for example, which discloses a first dedicated computer 202 and a second 
computer 204 each outside the firewall, a remote computer 100 outside the 
firewall that communicates with the first dedicated computer 202, and a server 
102 inside the firewall 206. That is, for example: 
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(1) the server and local area network (LAN) shown in Figure 2 of the U.S. 
provisional application 60/255,640 is exemplary of at least the remote computer 
system recited in claim 6; 

(2) the first dedicated computer 202 that uses Secure Socket Layer (SSL) 
connections, as disclosed in the U.S. provisional application 60/255,640, is 
exemplary of the second computer recited in claim 6; and 

(3) the second computer 204 through which the first dedicated computer 
202 communicates with the internal server 102 to authenticate a users access 
privileges (i.e./ verifies the identifying information of a user), as disclosed in the 
U.S. provisional application 60/255,640, is exemplary of at least the one second 
computer recited in claim 6. (See also U.S. provisional application at the 
paragraph spanning pages 5 and 6.) 

Independent claims 16 and 12 which includes recitations similar to those of 
claims 1 and 6, respectively, are also supported by the same portions of the 
disclosure in the U.S. provisional application 60/255,640 as those of claims l and 
6, 

Accordingly, it is submitted that independent claims 1, 6, 12 and 16 are 
allowable, since the cited art of Baird is not a valid prior reference against these 
claims under 35 U.S.C. §102(e) 

Dependent Claims 2 and 17 

Support For the recitations of claims 2 and 17 can be found in the U.S. 
provisional application, for example, at page 5, lines 21-25 and page 6, lines 23- 
28. 

Dependent Claim 7 

Support for the recitation of claim 7 can be found in the U.S. provisional 
application, for example, at page 6, lines 16-22. 
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Dependent Claim 8 

Support for the recitation of claim 8 can be found in the U.S. provisional 
application, for example, at page 6, lines 23-28. 

Dependent Claims 9-10 

Support for the recitations of claims 9-10 can be found in the U.S. 
provisional application, for example, at page 4, lines 10-22 and page 6, lines 13- 
15. 

Dependent Claims 13 

Support for the recitation of claim 13 can be found in the U.S. provisional 
application, for example, at page 6, line 10 to page 7, line 26 and, in particular, 
page 7, lines 10-26. 

Accordingly, it is submitted that dependent claims 2, 7-10, 13 and 17 are 
allowable, since the cited art of Baird is not a valid prior reference under 35 U.S.C. 
§102(e). 

Claims 3-5, 11, IS and 18-20 

Independent claims 3 and 18, as well as dependent claim 15, each include the feature of 
a "one-time password," which is not disclosed or suggested by Baird. The Examiner is 
requested to review the original specification at, for example, paragraphs [0008]-[0010] with 
regard to the meaning of the term "one-time password." 

Baird discloses frequently modifying passwords and, more particularly, "for maximum 
security, the preferences database 408 can be configured for optimum password security by 
requiring an account password to be changed at each log in." (See Baird at column 8, lines 17- 
21.) However, the requirement of Baird to change the account password is different from a 
one-time password based on a hash function. 

Accordingly, claims 3 and 18 as well as dependent claims 4-5, 15 and 19-20 which 
either include the u one-time password" feature or depend from a claim which includes this 
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feature are not subject to the rejection under 35 U.S.C. § 102(e) in view of Baird, and are 
submitted to be allowable. 

Claim 11 which depends from claim 7, also is submitted to be allowable in view of Baird 
as claim 7 includes the one-time password feature. 

Claim 14 

Claim 14 includes the recitation of "encrypting the data with a symmetric encryption key 
... and encrypting the combined encryption key and strong password with an asymmetric 
encryption key." Baird does not disclose or suggest encrypting data with both symmetric 
(secret) and asymmetric (public) encryption keys. 

Baird discloses, for example, at the portions cited by the Examiner, 'an encryption key" 
but is silent regarding encryption using both symmetric and asymmetric encryption keys. 

Accordingly, claim 14 is not subject to the rejection in view of Baird, and is submitted 
not to be subject to rejection under 35 U.S.C. § 102(e) in view of Baird. 



I 

i 
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Conclusion 

In view of the foregoing remarks, Applicants request that the Examiner reconsider and 
withdraw the rejection of claims 1-20. 



Dated; January 24, 2005 
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